Merge remote-tracking branch 'lass/master' into staging

This commit is contained in:
makefu 2018-04-05 23:21:53 +02:00
commit 54c104e1e1
No known key found for this signature in database
GPG key ID: 36F7711F3FC0F225
24 changed files with 1273 additions and 1844 deletions

View file

@ -0,0 +1,118 @@
{ stdenv, writeScriptBin, lib, fetchurl, git, cacert
, erlang, openssl, expat, libyaml, bash, gnused, gnugrep, coreutils, utillinux, procps
, withMysql ? false
, withPgsql ? false
, withSqlite ? false, sqlite
, withPam ? false, pam
, withZlib ? true, zlib
, withRiak ? false
, withElixir ? false, elixir
, withIconv ? true
, withTools ? false
, withRedis ? false
}:
let
fakegit = writeScriptBin "git" ''
#! ${stdenv.shell} -e
if [ "$1" = "describe" ]; then
[ -r .rev ] && cat .rev || true
fi
'';
ctlpath = lib.makeBinPath [ bash gnused gnugrep coreutils utillinux procps ];
in stdenv.mkDerivation rec {
version = "17.07";
name = "ejabberd-${version}";
src = fetchurl {
url = "http://www.process-one.net/downloads/ejabberd/${version}/${name}.tgz";
sha256 = "1p8ppp2czjgnq8xnhyksd82npvvx99fwr0g3rrq1wvnwh2vgb8km";
};
nativeBuildInputs = [ fakegit ];
buildInputs = [ erlang openssl expat libyaml ]
++ lib.optional withSqlite sqlite
++ lib.optional withPam pam
++ lib.optional withZlib zlib
++ lib.optional withElixir elixir
;
# Apparently needed for Elixir
LANG = "en_US.UTF-8";
deps = stdenv.mkDerivation {
name = "ejabberd-deps-${version}";
inherit src;
configureFlags = [ "--enable-all" "--with-sqlite3=${sqlite.dev}" ];
buildInputs = [ git erlang openssl expat libyaml sqlite pam zlib elixir ];
GIT_SSL_CAINFO = "${cacert}/etc/ssl/certs/ca-bundle.crt";
makeFlags = [ "deps" ];
phases = [ "unpackPhase" "configurePhase" "buildPhase" "installPhase" ];
installPhase = ''
for i in deps/*; do
( cd $i
git reset --hard
git clean -ffdx
git describe --always --tags > .rev
rm -rf .git
)
done
rm deps/.got
cp -r deps $out
'';
outputHashMode = "recursive";
outputHashAlgo = "sha256";
outputHash = "1q9yzccn4zf5i4hibq1r0i34q4986a93ph4792l1ph07aiisc8p7";
};
configureFlags =
[ (lib.enableFeature withMysql "mysql")
(lib.enableFeature withPgsql "pgsql")
(lib.enableFeature withSqlite "sqlite")
(lib.enableFeature withPam "pam")
(lib.enableFeature withZlib "zlib")
(lib.enableFeature withRiak "riak")
(lib.enableFeature withElixir "elixir")
(lib.enableFeature withIconv "iconv")
(lib.enableFeature withTools "tools")
(lib.enableFeature withRedis "redis")
] ++ lib.optional withSqlite "--with-sqlite3=${sqlite.dev}";
enableParallelBuilding = true;
preBuild = ''
cp -r $deps deps
chmod -R +w deps
patchShebangs deps
'';
postInstall = ''
sed -i \
-e '2iexport PATH=${ctlpath}:$PATH' \
-e 's,\(^ *FLOCK=\).*,\1${utillinux}/bin/flock,' \
-e 's,\(^ *JOT=\).*,\1,' \
-e 's,\(^ *CONNLOCKDIR=\).*,\1/var/lock/ejabberdctl,' \
$out/sbin/ejabberdctl
'';
meta = {
description = "Open-source XMPP application server written in Erlang";
license = lib.licenses.gpl2;
homepage = http://www.ejabberd.im;
platforms = lib.platforms.linux;
maintainers = [ lib.maintainers.sander lib.maintainers.abbradar ];
broken = withElixir;
};
}

View file

@ -1,25 +1,26 @@
{ stdenv, makeWrapper, callPackage, lib, buildEnv, fetchgit, nodePackages, nodejs }:
{ stdenv, makeWrapper, lib, buildEnv, fetchgit, nodejs-8_x, pkgs }:
with lib;
let
np = (callPackage <nixpkgs/pkgs/top-level/node-packages.nix>) {
generated = ./packages.nix;
self = np;
nodeEnv = import <nixpkgs/pkgs/development/node-packages/node-env.nix> {
inherit (pkgs) stdenv python2 utillinux runCommand writeTextFile;
nodejs = nodejs-8_x;
libtool = if pkgs.stdenv.isDarwin then pkgs.darwin.cctools else null;
};
node_env = buildEnv {
name = "node_env";
paths = [
np.redis
np."formidable"
];
pathsToLink = [ "/lib" ];
ignoreCollisions = true;
node_env = pkgs.buildEnv {
name = "go-node_env";
paths = attrValues (import ./node-packages.nix {
inherit (pkgs) fetchurl fetchgit;
inherit nodeEnv;
});
};
in np.buildNodePackage {
in stdenv.mkDerivation {
packageName = "go";
name = "go-shortener";
version = "0.0.0";
src = fetchgit {
url = "http://cgit.lassul.us/go/";
@ -32,10 +33,8 @@ in np.buildNodePackage {
"installPhase"
];
deps = (filter (v: nixType v == "derivation") (attrValues np));
buildInputs = [
nodejs
nodejs-8_x
makeWrapper
];
@ -44,14 +43,14 @@ in np.buildNodePackage {
cp index.js $out/
cat > $out/go << EOF
${nodejs}/bin/node $out/index.js
${nodejs-8_x}/bin/node $out/index.js
EOF
chmod +x $out/go
wrapProgram $out/go \
--prefix NODE_PATH : ${node_env}/lib/node_modules
ln -s $out/go /$out/bin/go
ln -s $out/go /$out/bin/go
'';
}

View file

@ -0,0 +1,76 @@
# This file has been generated by node2nix 1.5.3. Do not edit!
{nodeEnv, fetchurl, fetchgit, globalBuildInputs ? []}:
let
sources = {
"double-ended-queue-2.1.0-0" = {
name = "double-ended-queue";
packageName = "double-ended-queue";
version = "2.1.0-0";
src = fetchurl {
url = "https://registry.npmjs.org/double-ended-queue/-/double-ended-queue-2.1.0-0.tgz";
sha1 = "103d3527fd31528f40188130c841efdd78264e5c";
};
};
"redis-commands-1.3.5" = {
name = "redis-commands";
packageName = "redis-commands";
version = "1.3.5";
src = fetchurl {
url = "https://registry.npmjs.org/redis-commands/-/redis-commands-1.3.5.tgz";
sha512 = "2q8pai3gf0dczb03jjig3mpaz4j2kvw8icpgf8hp4fryr3d6c0mjkvxxdmlyhainybx4zhgqsw9ghc9p986alzdzd2n2p4cxvr8b0by";
};
};
"redis-parser-2.6.0" = {
name = "redis-parser";
packageName = "redis-parser";
version = "2.6.0";
src = fetchurl {
url = "https://registry.npmjs.org/redis-parser/-/redis-parser-2.6.0.tgz";
sha1 = "52ed09dacac108f1a631c07e9b69941e7a19504b";
};
};
};
in
{
formidable = nodeEnv.buildNodePackage {
name = "formidable";
packageName = "formidable";
version = "1.2.1";
src = fetchurl {
url = "https://registry.npmjs.org/formidable/-/formidable-1.2.1.tgz";
sha512 = "1x0n2rfaiasdjbw1mm7s29z84f68c7iji7lb1gkxvpknvv6q7bwns7z55ijcf4vkh4kvis12rbgaaih49jf9lj53s30mllb1d35bkqn";
};
buildInputs = globalBuildInputs;
meta = {
description = "A node.js module for parsing form data, especially file uploads.";
homepage = https://github.com/felixge/node-formidable;
license = "MIT";
};
production = true;
bypassCache = true;
};
redis = nodeEnv.buildNodePackage {
name = "redis";
packageName = "redis";
version = "2.8.0";
src = fetchurl {
url = "https://registry.npmjs.org/redis/-/redis-2.8.0.tgz";
sha512 = "3a3044ax6qdvss83xgjfx10h5q91ls0mwgs3wpsnxcdsiipq3cnmqzsh6glyq0r7vsmpw49jp84c2jnfrhi2bgycrkd9hhhf6ia8lrk";
};
dependencies = [
sources."double-ended-queue-2.1.0-0"
sources."redis-commands-1.3.5"
sources."redis-parser-2.6.0"
];
buildInputs = globalBuildInputs;
meta = {
description = "Redis client library";
homepage = https://github.com/NodeRedis/node_redis;
license = "MIT";
};
production = true;
bypassCache = true;
};
}

View file

@ -1,44 +0,0 @@
{ self, fetchurl, fetchgit ? null, lib }:
{
by-spec."formidable"."*" =
self.by-version."formidable"."1.0.17";
by-version."formidable"."1.0.17" = self.buildNodePackage {
name = "formidable-1.0.17";
version = "1.0.17";
bin = false;
src = fetchurl {
url = "http://registry.npmjs.org/formidable/-/formidable-1.0.17.tgz";
name = "formidable-1.0.17.tgz";
sha1 = "ef5491490f9433b705faa77249c99029ae348559";
};
deps = {
};
optionalDependencies = {
};
peerDependencies = [];
os = [ ];
cpu = [ ];
};
"formidable" = self.by-version."formidable"."1.0.17";
by-spec."redis"."*" =
self.by-version."redis"."2.1.0";
by-version."redis"."2.1.0" = self.buildNodePackage {
name = "redis-2.1.0";
version = "2.1.0";
bin = false;
src = fetchurl {
url = "http://registry.npmjs.org/redis/-/redis-2.1.0.tgz";
name = "redis-2.1.0.tgz";
sha1 = "38acb208f90750250f9451219b73ff08ae907f94";
};
deps = {
};
optionalDependencies = {
};
peerDependencies = [];
os = [ ];
cpu = [ ];
};
"redis" = self.by-version."redis"."2.1.0";
}

View file

@ -0,0 +1,4 @@
[
"formidable",
"redis"
]

View file

@ -0,0 +1,2 @@
node2nix -8 -i pkgs.json -c combine.nix
rm node-env.nix combine.nix

View file

@ -1,7 +1,7 @@
{ lib, pkgs, ... }:
pkgs.writeDashBin "hashPassword" ''
# usage: hashPassword
# usage: hashPassword [...]
set -euf
export PATH=${lib.makeBinPath (with pkgs; [
@ -11,5 +11,5 @@ pkgs.writeDashBin "hashPassword" ''
])}
salt=$(openssl rand -base64 16 | tr -d '+=' | head -c 16)
exec mkpasswd -m sha-512 -S "$salt"
exec mkpasswd -m sha-512 -S "$salt" "$@"
''

View file

@ -1,27 +1,27 @@
{ stdenv, makeWrapper, callPackage, lib, buildEnv, fetchgit, nodePackages, nodejs }:
{ stdenv, makeWrapper, lib, buildEnv, fetchgit, nodejs-8_x, pkgs, icu }:
with lib;
let
np = (callPackage <nixpkgs/pkgs/top-level/node-packages.nix>) {
generated = ./packages.nix;
self = np;
nodeEnv = import <nixpkgs/pkgs/development/node-packages/node-env.nix> {
inherit (pkgs) stdenv python2 utillinux runCommand writeTextFile;
nodejs = nodejs-8_x;
libtool = if pkgs.stdenv.isDarwin then pkgs.darwin.cctools else null;
};
node_env = buildEnv {
name = "node_env";
paths = [
np.feedparser
np.form-data
np.irc
np.request
np.shell-quote
];
pathsToLink = [ "/lib" ];
ignoreCollisions = true;
node_env = pkgs.buildEnv {
name = "go-node_env";
paths = attrValues (import ./node-packages.nix {
inherit (pkgs) fetchurl fetchgit;
inherit nodeEnv;
globalBuildInputs = [
icu.dev
];
});
};
in np.buildNodePackage {
in stdenv.mkDerivation {
name = "newsbot-js";
src = fetchgit {
@ -32,14 +32,11 @@ in np.buildNodePackage {
phases = [
"unpackPhase"
"patchPhase"
"installPhase"
];
deps = (filter (v: nixType v == "derivation") (attrValues np));
buildInputs = [
nodejs
nodejs-8_x
makeWrapper
];
@ -48,7 +45,7 @@ in np.buildNodePackage {
cp newsbot.js $out/
cat > $out/newsbot << EOF
${nodejs}/bin/node $out/newsbot.js
${nodejs-8_x}/bin/node $out/newsbot.js
EOF
chmod +x $out/newsbot

View file

@ -0,0 +1,844 @@
# This file has been generated by node2nix 1.5.3. Do not edit!
{nodeEnv, fetchurl, fetchgit, globalBuildInputs ? []}:
let
sources = {
"addressparser-1.0.1" = {
name = "addressparser";
packageName = "addressparser";
version = "1.0.1";
src = fetchurl {
url = "https://registry.npmjs.org/addressparser/-/addressparser-1.0.1.tgz";
sha1 = "47afbe1a2a9262191db6838e4fd1d39b40821746";
};
};
"ajv-5.5.2" = {
name = "ajv";
packageName = "ajv";
version = "5.5.2";
src = fetchurl {
url = "https://registry.npmjs.org/ajv/-/ajv-5.5.2.tgz";
sha1 = "73b5eeca3fab653e3d3f9422b341ad42205dc965";
};
};
"array-filter-0.0.1" = {
name = "array-filter";
packageName = "array-filter";
version = "0.0.1";
src = fetchurl {
url = "https://registry.npmjs.org/array-filter/-/array-filter-0.0.1.tgz";
sha1 = "7da8cf2e26628ed732803581fd21f67cacd2eeec";
};
};
"array-indexofobject-0.0.1" = {
name = "array-indexofobject";
packageName = "array-indexofobject";
version = "0.0.1";
src = fetchurl {
url = "https://registry.npmjs.org/array-indexofobject/-/array-indexofobject-0.0.1.tgz";
sha1 = "aaa128e62c9b3c358094568c219ff64fe489d42a";
};
};
"array-map-0.0.0" = {
name = "array-map";
packageName = "array-map";
version = "0.0.0";
src = fetchurl {
url = "https://registry.npmjs.org/array-map/-/array-map-0.0.0.tgz";
sha1 = "88a2bab73d1cf7bcd5c1b118a003f66f665fa662";
};
};
"array-reduce-0.0.0" = {
name = "array-reduce";
packageName = "array-reduce";
version = "0.0.0";
src = fetchurl {
url = "https://registry.npmjs.org/array-reduce/-/array-reduce-0.0.0.tgz";
sha1 = "173899d3ffd1c7d9383e4479525dbe278cab5f2b";
};
};
"asn1-0.2.3" = {
name = "asn1";
packageName = "asn1";
version = "0.2.3";
src = fetchurl {
url = "https://registry.npmjs.org/asn1/-/asn1-0.2.3.tgz";
sha1 = "dac8787713c9966849fc8180777ebe9c1ddf3b86";
};
};
"assert-plus-1.0.0" = {
name = "assert-plus";
packageName = "assert-plus";
version = "1.0.0";
src = fetchurl {
url = "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz";
sha1 = "f12e0f3c5d77b0b1cdd9146942e4e96c1e4dd525";
};
};
"asynckit-0.4.0" = {
name = "asynckit";
packageName = "asynckit";
version = "0.4.0";
src = fetchurl {
url = "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz";
sha1 = "c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79";
};
};
"aws-sign2-0.7.0" = {
name = "aws-sign2";
packageName = "aws-sign2";
version = "0.7.0";
src = fetchurl {
url = "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz";
sha1 = "b46e890934a9591f2d2f6f86d7e6a9f1b3fe76a8";
};
};
"aws4-1.6.0" = {
name = "aws4";
packageName = "aws4";
version = "1.6.0";
src = fetchurl {
url = "https://registry.npmjs.org/aws4/-/aws4-1.6.0.tgz";
sha1 = "83ef5ca860b2b32e4a0deedee8c771b9db57471e";
};
};
"bcrypt-pbkdf-1.0.1" = {
name = "bcrypt-pbkdf";
packageName = "bcrypt-pbkdf";
version = "1.0.1";
src = fetchurl {
url = "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.1.tgz";
sha1 = "63bc5dcb61331b92bc05fd528953c33462a06f8d";
};
};
"boom-4.3.1" = {
name = "boom";
packageName = "boom";
version = "4.3.1";
src = fetchurl {
url = "https://registry.npmjs.org/boom/-/boom-4.3.1.tgz";
sha1 = "4f8a3005cb4a7e3889f749030fd25b96e01d2e31";
};
};
"boom-5.2.0" = {
name = "boom";
packageName = "boom";
version = "5.2.0";
src = fetchurl {
url = "https://registry.npmjs.org/boom/-/boom-5.2.0.tgz";
sha512 = "19h20yqpvca08dns1rs4f057f10w63v0snxfml4h5khsk266x3x1im0w72bza4k2xn0kfz6jlv001dhcvxsjr09bmbqnysils9m7437";
};
};
"caseless-0.12.0" = {
name = "caseless";
packageName = "caseless";
version = "0.12.0";
src = fetchurl {
url = "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz";
sha1 = "1b681c21ff84033c826543090689420d187151dc";
};
};
"co-4.6.0" = {
name = "co";
packageName = "co";
version = "4.6.0";
src = fetchurl {
url = "https://registry.npmjs.org/co/-/co-4.6.0.tgz";
sha1 = "6ea6bdf3d853ae54ccb8e47bfa0bf3f9031fb184";
};
};
"combined-stream-1.0.6" = {
name = "combined-stream";
packageName = "combined-stream";
version = "1.0.6";
src = fetchurl {
url = "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.6.tgz";
sha1 = "723e7df6e801ac5613113a7e445a9b69cb632818";
};
};
"core-util-is-1.0.2" = {
name = "core-util-is";
packageName = "core-util-is";
version = "1.0.2";
src = fetchurl {
url = "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz";
sha1 = "b5fd54220aa2bc5ab57aab7140c940754503c1a7";
};
};
"cryptiles-3.1.2" = {
name = "cryptiles";
packageName = "cryptiles";
version = "3.1.2";
src = fetchurl {
url = "https://registry.npmjs.org/cryptiles/-/cryptiles-3.1.2.tgz";
sha1 = "a89fbb220f5ce25ec56e8c4aa8a4fd7b5b0d29fe";
};
};
"dashdash-1.14.1" = {
name = "dashdash";
packageName = "dashdash";
version = "1.14.1";
src = fetchurl {
url = "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz";
sha1 = "853cfa0f7cbe2fed5de20326b8dd581035f6e2f0";
};
};
"delayed-stream-1.0.0" = {
name = "delayed-stream";
packageName = "delayed-stream";
version = "1.0.0";
src = fetchurl {
url = "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz";
sha1 = "df3ae199acadfb7d440aaae0b29e2272b24ec619";
};
};
"ecc-jsbn-0.1.1" = {
name = "ecc-jsbn";
packageName = "ecc-jsbn";
version = "0.1.1";
src = fetchurl {
url = "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.1.tgz";
sha1 = "0fc73a9ed5f0d53c38193398523ef7e543777505";
};
};
"extend-3.0.1" = {
name = "extend";
packageName = "extend";
version = "3.0.1";
src = fetchurl {
url = "https://registry.npmjs.org/extend/-/extend-3.0.1.tgz";
sha1 = "a755ea7bc1adfcc5a31ce7e762dbaadc5e636444";
};
};
"extsprintf-1.3.0" = {
name = "extsprintf";
packageName = "extsprintf";
version = "1.3.0";
src = fetchurl {
url = "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz";
sha1 = "96918440e3041a7a414f8c52e3c574eb3c3e1e05";
};
};
"fast-deep-equal-1.1.0" = {
name = "fast-deep-equal";
packageName = "fast-deep-equal";
version = "1.1.0";
src = fetchurl {
url = "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-1.1.0.tgz";
sha1 = "c053477817c86b51daa853c81e059b733d023614";
};
};
"fast-json-stable-stringify-2.0.0" = {
name = "fast-json-stable-stringify";
packageName = "fast-json-stable-stringify";
version = "2.0.0";
src = fetchurl {
url = "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.0.0.tgz";
sha1 = "d5142c0caee6b1189f87d3a76111064f86c8bbf2";
};
};
"forever-agent-0.6.1" = {
name = "forever-agent";
packageName = "forever-agent";
version = "0.6.1";
src = fetchurl {
url = "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz";
sha1 = "fbc71f0c41adeb37f96c577ad1ed42d8fdacca91";
};
};
"form-data-2.3.2" = {
name = "form-data";
packageName = "form-data";
version = "2.3.2";
src = fetchurl {
url = "https://registry.npmjs.org/form-data/-/form-data-2.3.2.tgz";
sha1 = "4970498be604c20c005d4f5c23aecd21d6b49099";
};
};
"getpass-0.1.7" = {
name = "getpass";
packageName = "getpass";
version = "0.1.7";
src = fetchurl {
url = "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz";
sha1 = "5eff8e3e684d569ae4cb2b1282604e8ba62149fa";
};
};
"har-schema-2.0.0" = {
name = "har-schema";
packageName = "har-schema";
version = "2.0.0";
src = fetchurl {
url = "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz";
sha1 = "a94c2224ebcac04782a0d9035521f24735b7ec92";
};
};
"har-validator-5.0.3" = {
name = "har-validator";
packageName = "har-validator";
version = "5.0.3";
src = fetchurl {
url = "https://registry.npmjs.org/har-validator/-/har-validator-5.0.3.tgz";
sha1 = "ba402c266194f15956ef15e0fcf242993f6a7dfd";
};
};
"hawk-6.0.2" = {
name = "hawk";
packageName = "hawk";
version = "6.0.2";
src = fetchurl {
url = "https://registry.npmjs.org/hawk/-/hawk-6.0.2.tgz";
sha512 = "1nl2hjr2mnhj5jlaz8mh54z7acwz5j5idkch04qgjk78756gw5d0fjk4a2immil5ij9ijdssb9ndpryvnh2xpcbgcjv8lxybn330als";
};
};
"hoek-4.2.1" = {
name = "hoek";
packageName = "hoek";
version = "4.2.1";
src = fetchurl {
url = "https://registry.npmjs.org/hoek/-/hoek-4.2.1.tgz";
sha512 = "1y8kprb3qldxqj31zai5n8dvhydsl9nn5w4rskhnbzzhldn6pm6n5lcyam3sfkb61a62d5m58k8im7z6ngwbd9cw9zp4zm4y7ckrf20";
};
};
"http-signature-1.2.0" = {
name = "http-signature";
packageName = "http-signature";
version = "1.2.0";
src = fetchurl {
url = "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz";
sha1 = "9aecd925114772f3d95b65a60abb8f7c18fbace1";
};
};
"iconv-2.2.3" = {
name = "iconv";
packageName = "iconv";
version = "2.2.3";
src = fetchurl {
url = "https://registry.npmjs.org/iconv/-/iconv-2.2.3.tgz";
sha1 = "e084d60eeb7d73da7f0a9c096e4c8abe090bfaed";
};
};
"inherits-2.0.3" = {
name = "inherits";
packageName = "inherits";
version = "2.0.3";
src = fetchurl {
url = "https://registry.npmjs.org/inherits/-/inherits-2.0.3.tgz";
sha1 = "633c2c83e3da42a502f52466022480f4208261de";
};
};
"irc-colors-1.4.2" = {
name = "irc-colors";
packageName = "irc-colors";
version = "1.4.2";
src = fetchurl {
url = "https://registry.npmjs.org/irc-colors/-/irc-colors-1.4.2.tgz";
sha512 = "0f75yhavbhr8lbh3lh83rvyfrrrcxjawnd2rz7sacjd3zxj5524xr28j66f2l11vlngdkbplxz5xsq9dnwrcyqa0jh64k2pvzhn17a1";
};
};
"is-typedarray-1.0.0" = {
name = "is-typedarray";
packageName = "is-typedarray";
version = "1.0.0";
src = fetchurl {
url = "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz";
sha1 = "e479c80858df0c1b11ddda6940f96011fcda4a9a";
};
};
"isarray-1.0.0" = {
name = "isarray";
packageName = "isarray";
version = "1.0.0";
src = fetchurl {
url = "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz";
sha1 = "bb935d48582cba168c06834957a54a3e07124f11";
};
};
"isstream-0.1.2" = {
name = "isstream";
packageName = "isstream";
version = "0.1.2";
src = fetchurl {
url = "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz";
sha1 = "47e63f7af55afa6f92e1500e690eb8b8529c099a";
};
};
"jsbn-0.1.1" = {
name = "jsbn";
packageName = "jsbn";
version = "0.1.1";
src = fetchurl {
url = "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz";
sha1 = "a5e654c2e5a2deb5f201d96cefbca80c0ef2f513";
};
};
"json-schema-0.2.3" = {
name = "json-schema";
packageName = "json-schema";
version = "0.2.3";
src = fetchurl {
url = "https://registry.npmjs.org/json-schema/-/json-schema-0.2.3.tgz";
sha1 = "b480c892e59a2f05954ce727bd3f2a4e882f9e13";
};
};
"json-schema-traverse-0.3.1" = {
name = "json-schema-traverse";
packageName = "json-schema-traverse";
version = "0.3.1";
src = fetchurl {
url = "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.3.1.tgz";
sha1 = "349a6d44c53a51de89b40805c5d5e59b417d3340";
};
};
"json-stringify-safe-5.0.1" = {
name = "json-stringify-safe";
packageName = "json-stringify-safe";
version = "5.0.1";
src = fetchurl {
url = "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz";
sha1 = "1296a2d58fd45f19a0f6ce01d65701e2c735b6eb";
};
};
"jsonify-0.0.0" = {
name = "jsonify";
packageName = "jsonify";
version = "0.0.0";
src = fetchurl {
url = "https://registry.npmjs.org/jsonify/-/jsonify-0.0.0.tgz";
sha1 = "2c74b6ee41d93ca51b7b5aaee8f503631d252a73";
};
};
"jsprim-1.4.1" = {
name = "jsprim";
packageName = "jsprim";
version = "1.4.1";
src = fetchurl {
url = "https://registry.npmjs.org/jsprim/-/jsprim-1.4.1.tgz";
sha1 = "313e66bc1e5cc06e438bc1b7499c2e5c56acb6a2";
};
};
"lodash.assign-4.2.0" = {
name = "lodash.assign";
packageName = "lodash.assign";
version = "4.2.0";
src = fetchurl {
url = "https://registry.npmjs.org/lodash.assign/-/lodash.assign-4.2.0.tgz";
sha1 = "0d99f3ccd7a6d261d19bdaeb9245005d285808e7";
};
};
"lodash.get-4.4.2" = {
name = "lodash.get";
packageName = "lodash.get";
version = "4.4.2";
src = fetchurl {
url = "https://registry.npmjs.org/lodash.get/-/lodash.get-4.4.2.tgz";
sha1 = "2d177f652fa31e939b4438d5341499dfa3825e99";
};
};
"lodash.has-4.5.2" = {
name = "lodash.has";
packageName = "lodash.has";
version = "4.5.2";
src = fetchurl {
url = "https://registry.npmjs.org/lodash.has/-/lodash.has-4.5.2.tgz";
sha1 = "d19f4dc1095058cccbe2b0cdf4ee0fe4aa37c862";
};
};
"lodash.uniq-4.5.0" = {
name = "lodash.uniq";
packageName = "lodash.uniq";
version = "4.5.0";
src = fetchurl {
url = "https://registry.npmjs.org/lodash.uniq/-/lodash.uniq-4.5.0.tgz";
sha1 = "d0225373aeb652adc1bc82e4945339a842754773";
};
};
"mime-db-1.33.0" = {
name = "mime-db";
packageName = "mime-db";
version = "1.33.0";
src = fetchurl {
url = "https://registry.npmjs.org/mime-db/-/mime-db-1.33.0.tgz";
sha512 = "36xnw59ik9fqym00cmwb5nyzg0l03k70cp413f7639j93wgmzk1mh0xjc7i6zz3r6k9xnwh0g5cm5a1f3y8c6plgy4qld7fm887ywh4";
};
};
"mime-types-2.1.18" = {
name = "mime-types";
packageName = "mime-types";
version = "2.1.18";
src = fetchurl {
url = "https://registry.npmjs.org/mime-types/-/mime-types-2.1.18.tgz";
sha512 = "22krj1kw7n9z10zdyx7smcaim4bzwqsqzhspwha06q58gcrxfp93hw2cd0vk5crhq5p2dwzqlpacg32lrmp5sjzb798zdzy35mdmkwm";
};
};
"mri-1.1.0" = {
name = "mri";
packageName = "mri";
version = "1.1.0";
src = fetchurl {
url = "https://registry.npmjs.org/mri/-/mri-1.1.0.tgz";
sha1 = "5c0a3f29c8ccffbbb1ec941dcec09d71fa32f36a";
};
};
"nan-2.10.0" = {
name = "nan";
packageName = "nan";
version = "2.10.0";
src = fetchurl {
url = "https://registry.npmjs.org/nan/-/nan-2.10.0.tgz";
sha512 = "349rr7x0djrlkav4gbhkg355852ingn965r0kkch8rr4cwp7qki9676zpq8cq988yszzd2hld6szsbbnd1v6rghzf11abn1nyzlj1vc";
};
};
"node-icu-charset-detector-0.2.0" = {
name = "node-icu-charset-detector";
packageName = "node-icu-charset-detector";
version = "0.2.0";
src = fetchurl {
url = "https://registry.npmjs.org/node-icu-charset-detector/-/node-icu-charset-detector-0.2.0.tgz";
sha1 = "c2320da374ddcb671fc54cb4a0e041e156ffd639";
};
};
"oauth-sign-0.8.2" = {
name = "oauth-sign";
packageName = "oauth-sign";
version = "0.8.2";
src = fetchurl {
url = "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.8.2.tgz";
sha1 = "46a6ab7f0aead8deae9ec0565780b7d4efeb9d43";
};
};
"performance-now-2.1.0" = {
name = "performance-now";
packageName = "performance-now";
version = "2.1.0";
src = fetchurl {
url = "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz";
sha1 = "6309f4e0e5fa913ec1c69307ae364b4b377c9e7b";
};
};
"process-nextick-args-2.0.0" = {
name = "process-nextick-args";
packageName = "process-nextick-args";
version = "2.0.0";
src = fetchurl {
url = "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.0.tgz";
sha512 = "0rw8xpqqkhs91722slvzf8icxfaimqp4w8zb3840jxr7r8n8035byl6dhdi5bm0yr6x7sdws0gf3m025fg6hqgaklwlbl4d7bah5l9j";
};
};
"punycode-1.4.1" = {
name = "punycode";
packageName = "punycode";
version = "1.4.1";
src = fetchurl {
url = "https://registry.npmjs.org/punycode/-/punycode-1.4.1.tgz";
sha1 = "c0d5a63b2718800ad8e1eb0fa5269c84dd41845e";
};
};
"qs-6.5.1" = {
name = "qs";
packageName = "qs";
version = "6.5.1";
src = fetchurl {
url = "https://registry.npmjs.org/qs/-/qs-6.5.1.tgz";
sha512 = "3waqapyj1k4g135sgj636rmswiaixq19is1rw0rpv4qp6k7dl0a9nwy06m7yl5lbdk9p6xpwwngnggbzlzaz6rh11c86j2nvnnf273r";
};
};
"readable-stream-2.3.6" = {
name = "readable-stream";
packageName = "readable-stream";
version = "2.3.6";
src = fetchurl {
url = "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.6.tgz";
sha512 = "0mj9b6190amln9rg89x5pq2n195s3v0gzicpdamv1kbabg69aw5m71l34jsjn7bqil7405l6l35x9ijnb3h4jz5vx2i00l8sl1ll2xm";
};
};
"safe-buffer-5.1.1" = {
name = "safe-buffer";
packageName = "safe-buffer";
version = "5.1.1";
src = fetchurl {
url = "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.1.tgz";
sha512 = "1p28rllll1w65yzq5azi4izx962399xdsdlfbaynn7vmp981hiss05jhiy9hm7sbbfk3b4dhlcv0zy07fc59mnc07hdv6wcgqkcvawh";
};
};
"sax-1.2.4" = {
name = "sax";
packageName = "sax";
version = "1.2.4";
src = fetchurl {
url = "https://registry.npmjs.org/sax/-/sax-1.2.4.tgz";
sha512 = "1dn291mjsda42w8kldlbmngk6dhjxfbvvd5lckyqmwbjaj6069iq3wx0nvcfglwnpddz2qa93lzf4hv77iz43bd2qixa079sjzl799n";
};
};
"sntp-2.1.0" = {
name = "sntp";
packageName = "sntp";
version = "2.1.0";
src = fetchurl {
url = "https://registry.npmjs.org/sntp/-/sntp-2.1.0.tgz";
sha512 = "0k2smmr24w5hb1cpql6vcgh58vzp4pmh9anf0bgz3arlsgq1mapnlq9fjqr6xs10aq1cmxaw987fwknqi62frax0fvs9bj3q3kmpg8l";
};
};
"sshpk-1.14.1" = {
name = "sshpk";
packageName = "sshpk";
version = "1.14.1";
src = fetchurl {
url = "https://registry.npmjs.org/sshpk/-/sshpk-1.14.1.tgz";
sha1 = "130f5975eddad963f1d56f92b9ac6c51fa9f83eb";
};
};
"string_decoder-1.1.1" = {
name = "string_decoder";
packageName = "string_decoder";
version = "1.1.1";
src = fetchurl {
url = "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz";
sha512 = "315yd4vzwrwk3vwj1klf46y1cj2jbvf88066y2rnwhksb98phj46jkxixbwsp3h607w7czy7cby522s7sx8mvspdpdm3s72y2ga3x4z";
};
};
"stringstream-0.0.5" = {
name = "stringstream";
packageName = "stringstream";
version = "0.0.5";
src = fetchurl {
url = "https://registry.npmjs.org/stringstream/-/stringstream-0.0.5.tgz";
sha1 = "4e484cd4de5a0bbbee18e46307710a8a81621878";
};
};
"tough-cookie-2.3.4" = {
name = "tough-cookie";
packageName = "tough-cookie";
version = "2.3.4";
src = fetchurl {
url = "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.3.4.tgz";
sha512 = "0ncm6j3cjq1f26mzjf04k9bkw1b08w53s4qa3a11c1bdj4pgnqv1422c1xs5jyy6y1psppjx52fhagq5zkjkgrcpdkxcdiry96r77jd";
};
};
"tunnel-agent-0.6.0" = {
name = "tunnel-agent";
packageName = "tunnel-agent";
version = "0.6.0";
src = fetchurl {
url = "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz";
sha1 = "27a5dea06b36b04a0a9966774b290868f0fc40fd";
};
};
"tweetnacl-0.14.5" = {
name = "tweetnacl";
packageName = "tweetnacl";
version = "0.14.5";
src = fetchurl {
url = "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz";
sha1 = "5ae68177f192d4456269d108afa93ff8743f4f64";
};
};
"util-deprecate-1.0.2" = {
name = "util-deprecate";
packageName = "util-deprecate";
version = "1.0.2";
src = fetchurl {
url = "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz";
sha1 = "450d4dc9fa70de732762fbd2d4a28981419a0ccf";
};
};
"uuid-3.2.1" = {
name = "uuid";
packageName = "uuid";
version = "3.2.1";
src = fetchurl {
url = "https://registry.npmjs.org/uuid/-/uuid-3.2.1.tgz";
sha512 = "0843vl1c974n8kw5kn0kvhvhwk8y8jydr0xkwwl2963xxmkw4ingk6xj9c8m48jw2i95giglxzq5aw5v5mij9kv7fzln8pxav1cr6cd";
};
};
"verror-1.10.0" = {
name = "verror";
packageName = "verror";
version = "1.10.0";
src = fetchurl {
url = "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz";
sha1 = "3a105ca17053af55d6e270c1f8288682e18da400";
};
};
};
in
{
feedparser = nodeEnv.buildNodePackage {
name = "feedparser";
packageName = "feedparser";
version = "2.2.9";
src = fetchurl {
url = "https://registry.npmjs.org/feedparser/-/feedparser-2.2.9.tgz";
sha1 = "9138197dafdae05fcadde0036beeaf6066c2c5e9";
};
dependencies = [
sources."addressparser-1.0.1"
sources."array-indexofobject-0.0.1"
sources."core-util-is-1.0.2"
sources."inherits-2.0.3"
sources."isarray-1.0.0"
sources."lodash.assign-4.2.0"
sources."lodash.get-4.4.2"
sources."lodash.has-4.5.2"
sources."lodash.uniq-4.5.0"
sources."mri-1.1.0"
sources."process-nextick-args-2.0.0"
sources."readable-stream-2.3.6"
sources."safe-buffer-5.1.1"
sources."sax-1.2.4"
sources."string_decoder-1.1.1"
sources."util-deprecate-1.0.2"
];
buildInputs = globalBuildInputs;
meta = {
description = "Robust RSS Atom and RDF feed parsing using sax js";
homepage = http://github.com/danmactough/node-feedparser;
license = "MIT";
};
production = true;
bypassCache = true;
};
form-data = nodeEnv.buildNodePackage {
name = "form-data";
packageName = "form-data";
version = "2.3.2";
src = fetchurl {
url = "https://registry.npmjs.org/form-data/-/form-data-2.3.2.tgz";
sha1 = "4970498be604c20c005d4f5c23aecd21d6b49099";
};
dependencies = [
sources."asynckit-0.4.0"
sources."combined-stream-1.0.6"
sources."delayed-stream-1.0.0"
sources."mime-db-1.33.0"
sources."mime-types-2.1.18"
];
buildInputs = globalBuildInputs;
meta = {
description = "A library to create readable \"multipart/form-data\" streams. Can be used to submit forms and file uploads to other web applications.";
license = "MIT";
};
production = true;
bypassCache = true;
};
irc = nodeEnv.buildNodePackage {
name = "irc";
packageName = "irc";
version = "0.5.2";
src = fetchurl {
url = "https://registry.npmjs.org/irc/-/irc-0.5.2.tgz";
sha1 = "3714f4768365a96d0b2f776bc91166beb2464bbc";
};
dependencies = [
sources."iconv-2.2.3"
sources."irc-colors-1.4.2"
sources."nan-2.10.0"
sources."node-icu-charset-detector-0.2.0"
];
buildInputs = globalBuildInputs;
meta = {
description = "An IRC client library for node";
homepage = "https://github.com/martynsmith/node-irc#readme";
license = "GPL-3.0";
};
production = true;
bypassCache = true;
};
request = nodeEnv.buildNodePackage {
name = "request";
packageName = "request";
version = "2.85.0";
src = fetchurl {
url = "https://registry.npmjs.org/request/-/request-2.85.0.tgz";
sha512 = "2d3hg10zs5ycnr8prmiwdhacf88fl0x0bi6szs0z2r07zcbk419laixwpjp8sqapbc2ifyyih7p3r60wgr58bmcncz3pqnx523c8zph";
};
dependencies = [
sources."ajv-5.5.2"
sources."asn1-0.2.3"
sources."assert-plus-1.0.0"
sources."asynckit-0.4.0"
sources."aws-sign2-0.7.0"
sources."aws4-1.6.0"
sources."bcrypt-pbkdf-1.0.1"
sources."boom-4.3.1"
sources."caseless-0.12.0"
sources."co-4.6.0"
sources."combined-stream-1.0.6"
sources."core-util-is-1.0.2"
(sources."cryptiles-3.1.2" // {
dependencies = [
sources."boom-5.2.0"
];
})
sources."dashdash-1.14.1"
sources."delayed-stream-1.0.0"
sources."ecc-jsbn-0.1.1"
sources."extend-3.0.1"
sources."extsprintf-1.3.0"
sources."fast-deep-equal-1.1.0"
sources."fast-json-stable-stringify-2.0.0"
sources."forever-agent-0.6.1"
sources."form-data-2.3.2"
sources."getpass-0.1.7"
sources."har-schema-2.0.0"
sources."har-validator-5.0.3"
sources."hawk-6.0.2"
sources."hoek-4.2.1"
sources."http-signature-1.2.0"
sources."is-typedarray-1.0.0"
sources."isstream-0.1.2"
sources."jsbn-0.1.1"
sources."json-schema-0.2.3"
sources."json-schema-traverse-0.3.1"
sources."json-stringify-safe-5.0.1"
sources."jsprim-1.4.1"
sources."mime-db-1.33.0"
sources."mime-types-2.1.18"
sources."oauth-sign-0.8.2"
sources."performance-now-2.1.0"
sources."punycode-1.4.1"
sources."qs-6.5.1"
sources."safe-buffer-5.1.1"
sources."sntp-2.1.0"
sources."sshpk-1.14.1"
sources."stringstream-0.0.5"
sources."tough-cookie-2.3.4"
sources."tunnel-agent-0.6.0"
sources."tweetnacl-0.14.5"
sources."uuid-3.2.1"
sources."verror-1.10.0"
];
buildInputs = globalBuildInputs;
meta = {
description = "Simplified HTTP request client.";
homepage = "https://github.com/request/request#readme";
license = "Apache-2.0";
};
production = true;
bypassCache = true;
};
shell-quote = nodeEnv.buildNodePackage {
name = "shell-quote";
packageName = "shell-quote";
version = "1.6.1";
src = fetchurl {
url = "https://registry.npmjs.org/shell-quote/-/shell-quote-1.6.1.tgz";
sha1 = "f4781949cce402697127430ea3b3c5476f481767";
};
dependencies = [
sources."array-filter-0.0.1"
sources."array-map-0.0.0"
sources."array-reduce-0.0.0"
sources."jsonify-0.0.0"
];
buildInputs = globalBuildInputs;
meta = {
description = "quote and parse shell commands";
homepage = "https://github.com/substack/node-shell-quote#readme";
license = "MIT";
};
production = true;
bypassCache = true;
};
}

File diff suppressed because it is too large Load diff

View file

@ -0,0 +1,7 @@
[
"feedparser",
"form-data",
"irc",
"request",
"shell-quote"
]

View file

@ -0,0 +1,2 @@
node2nix -8 -i pkgs.json -c combine.nix
rm node-env.nix combine.nix

64
krebs/kops.nix Normal file
View file

@ -0,0 +1,64 @@
{ name }: rec {
kops = (import <nixpkgs> {}).fetchgit {
url = https://cgit.krebsco.de/kops/;
rev = "e89cf20d4310070a877c2e24a287659546b561c9";
sha256 = "0wg8d80sxa46z4i7ir79sci2hwmv3qskzqdg0si64p6vazy8vckb";
};
lib = import "${kops}/lib";
# TODO document why pkgs should be used like this
pkgs = import "${kops}/pkgs" {};
krebs-source = {
nixpkgs.git = {
ref = "09bca91e3b5a18d7f37f7632175ac71f2bf369ff";
url = https://github.com/NixOS/nixpkgs;
};
stockholm.file = toString ~/stockholm;
stockholm-version.pipe = toString (pkgs.writeDash "${name}-version" ''
set -efu
cd $HOME/stockholm
V=$(${pkgs.coreutils}/bin/date +%y.%m)
if test -d .git; then
V=$V.git.$(${pkgs.git}/bin/git describe --always --dirty)
case $V in (*-dirty)
V=$V@''${HOSTNAME-$(${pkgs.nettools}/bin/hostname)}
esac
fi
printf %s "$V"
'');
};
source ={ test }: lib.evalSource [
krebs-source
{
nixos-config.symlink = "stockholm/krebs/1systems/${name}/config.nix";
secrets =
if test
then {
file = toString <stockholm/krebs/6tests/data/secrets>;
}
else {
pass = {
dir = "${lib.getEnv "HOME"}/brain";
name = "krebs-secrets/${name}";
};
}
;
}
];
# usage: $(nix-build --no-out-link --argstr name HOSTNAME -A deploy)
deploy = pkgs.kops.writeDeploy "${name}-deploy" {
source = source { test = false; };
target = "root@${name}/var/src";
};
# usage: $(nix-build --no-out-link --argstr name HOSTNAME -A test)
test = pkgs.kops.writeTest "${name}-test" {
source = source { test = true; };
target = "${lib.getEnv "HOME"}/tmp/${name}-kops-test-src";
};
}

View file

@ -24,7 +24,7 @@ in
stockholm-version.pipe = "${pkgs.stockholm}/bin/get-version";
nixpkgs.git = {
url = https://github.com/NixOS/nixpkgs;
ref = "b6ddb9913f2b8206837e0f137db907bdefb9275e"; # nixos-18.03 # 2018-03-24
ref = "09bca91e3b5a18d7f37f7632175ac71f2bf369ff"; # nixos-18.03 # 2018-04-02
};
}
override

View file

@ -140,6 +140,7 @@ with import <stockholm/lib>;
dpass
dnsutils
generate-secrets
];
#TODO: fix this shit
@ -167,14 +168,8 @@ with import <stockholm/lib>;
environment.shellAliases = {
deploy = pkgs.writeDash "deploy" ''
set -eu
export PATH=${makeBinPath [
pkgs.bash
pkgs.coreutils
pkgs.nixUnstable
]}
cd ~/stockholm
export SYSTEM="$1"
exec nix-shell -I stockholm="$PWD" --run 'deploy --system="$SYSTEM"'
$(nix-build $HOME/stockholm/lass/kops.nix --no-out-link --argstr name "$SYSTEM" -A deploy)
'';
};

View file

@ -26,7 +26,12 @@ let
lass.xjail.${name} = {
inherit script groups dpi;
};
environment.systemPackages = [ config.lass.xjail-bins.${name} ];
environment.systemPackages = [
config.lass.xjail-bins.${name}
(pkgs.writeDashBin "cx-${name}" ''
DISPLAY=:${toString (genid_signed name)} ${pkgs.xclip}/bin/xclip -o | DISPLAY=:0 ${pkgs.xclip}/bin/xclip
'')
];
lass.browser.paths.${name} = {
path = config.lass.xjail-bins.${name};
inherit precedence;

View file

@ -14,7 +14,13 @@
RestartSec = "5";
};
};
networking.networkmanager.enable = true;
networking.networkmanager = {
enable = true;
unmanaged = [
"docker*"
"vboxnet*"
];
};
users.users.mainUser = {
extraGroups = [ "networkmanager" ];
packages = with pkgs; [

View file

@ -84,7 +84,7 @@ with import <stockholm/lib>;
(buildSimpleReaktorPlugin "ping" {
pattern = "^!ping (?P<args>.*)$$";
script = pkgs.writeDash "ping" ''
exec /var/setuid-wrappers/ping -q -c1 "$1" 2>&1 | tail -1
exec /run/wrappers/bin/ping -q -c1 "$1" 2>&1 | tail -1
'';
})
];

View file

@ -61,6 +61,21 @@ let
origin.url = "http://cgit.lassul.us/${name}";
mirror.url = "${mirror}${name}";
};
makefu-staging = {
origin.url = "http://cgit.gum/${name}";
origin.ref = "heads/staging";
mirror.url = "${mirror}${name}";
};
tv-staging = {
origin.url = "http://cgit.ni.r/${name}";
origin.ref = "heads/staging";
mirror.url = "${mirror}${name}";
};
nin-staging = {
origin.url = "http://cgit.onondaga.r/${name}";
origin.ref = "heads/staging";
mirror.url = "${mirror}${name}";
};
};
latest = {
url = "${mirror}${name}";

View file

@ -6,6 +6,8 @@ let
in {
#services.virtualboxHost.enable = true;
virtualisation.virtualbox.host.enable = true;
nixpkgs.config.virtualbox.enableExtensionPack = true;
virtualisation.virtualbox.host.enableHardening = false;
users.extraUsers = {
virtual = {

View file

@ -147,6 +147,10 @@ myKeyMap =
export PATH=$PATH:${pkgs.dmenu}/bin:${pkgs.networkmanagerapplet}/bin
exec ${pkgs.networkmanager_dmenu}/bin/networkmanager_dmenu "$@"
''}")
, ("M4-<Insert>", spawn "${pkgs.writeDash "paste" ''
${pkgs.coreutils}/bin/sleep 0.1
${pkgs.xclip}/bin/xclip -o | ${pkgs.xdotool}/bin/xdotool type -f -
''}")
, ("M4-<F5>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 1")
, ("M4-<F6>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 10")

View file

@ -31,7 +31,6 @@ in {
fi
${self.coreutils}/bin/rm $tmp
'';
rtl8814au = callPackage ./custom/rtl8814au { kernel = self.linux; };
}
// mapAttrs (_: flip callPackage {})

View file

@ -0,0 +1,46 @@
{ pkgs }:
pkgs.writeDashBin "generate-secrets" ''
HOSTNAME="$1"
TMPDIR=$(${pkgs.coreutils}/bin/mktemp -d)
PASSWORD=$(${pkgs.pwgen}/bin/pwgen 25 1)
HASHED_PASSWORD=$(echo $PASSWORD | ${pkgs.hashPassword}/bin/hashPassword -s) > /dev/null
${pkgs.openssh}/bin/ssh-keygen -t ed25519 -f $TMPDIR/ssh.id_ed25519 -P "" -C "" >/dev/null
${pkgs.openssl}/bin/openssl genrsa -out $TMPDIR/retiolum.rsa_key.priv 4096 2>/dev/null > /dev/null
${pkgs.openssl}/bin/openssl rsa -in $TMPDIR/retiolum.rsa_key.priv -pubout -out $TMPDIR/retiolum.rsa_key.pub 2>/dev/null > /dev/null
cat <<EOF > $TMPDIR/hashedPasswords.nix
{
root = "$HASHED_PASSWORD";
mainUser = "$HASHED_PASSWORD";
}
EOF
cd $TMPDIR
for x in *; do
${pkgs.coreutils}/bin/cat $x | ${pkgs.pass}/bin/pass insert -m hosts/$HOSTNAME/$x > /dev/null
done
echo $PASSWORD | ${pkgs.pass}/bin/pass insert -m admin/hosts/$HOSTNAME/pass > /dev/null
cat <<EOF
$HOSTNAME = {
cores = 1;
nets = {
retiolum = {
ip4.addr = "10.243.0.changeme";
ip6.addr = "42:0:0:0:0:0:0:changeme";
aliases = [
"$HOSTNAME.r"
];
tinc.pubkey = ${"''"}
$(cat $TMPDIR/retiolum.rsa_key.pub)
${"''"};
};
};
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "$(cat $TMPDIR/ssh.id_ed25519.pub)";
};
EOF
rm -rf $TMPDIR
''

35
lass/kops.nix Normal file
View file

@ -0,0 +1,35 @@
{ name }: let
inherit (import ../krebs/kops.nix { inherit name; })
krebs-source
lib
pkgs
;
source = { test }: lib.evalSource [
krebs-source
{
nixos-config.symlink = "stockholm/lass/1systems/${name}/config.nix";
secrets = if test then {
file = "/home/lass/stockholm/lass/2configs/tests/dummy-secrets";
} else {
pass = {
dir = "${lib.getEnv "HOME"}/.password-store";
name = "hosts/${name}";
};
};
}
];
in {
# usage: $(nix-build --no-out-link --argstr name HOSTNAME -A deploy)
deploy = pkgs.kops.writeDeploy "${name}-deploy" {
source = source { test = false; };
target = "root@${name}/var/src";
};
# usage: $(nix-build --no-out-link --argstr name HOSTNAME -A test)
test = pkgs.kops.writeTest "${name}-test" {
source = source { test = true; };
target = "${lib.getEnv "HOME"}/tmp/${name}-kops-test-src";
};
}